hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,624 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.3
Commit Graph

6736 Commits

Author SHA1 Message Date
Asger Feldthaus
f563a015a4 JS: Recognize .njk extension in QL 2021-08-11 12:50:53 +02:00
Asger Feldthaus
e19b6c2c3b JS: Update taint step 2021-08-11 12:50:53 +02:00
Asger Feldthaus
13aa511364 JS: Support TemplatePlaceholderTag.getEnclosingExpr 
fixup! makeLocation
 2021-08-11 12:50:52 +02:00
Asger Feldthaus
0a14de1741 JS: Also extract .njk files 2021-08-11 12:36:35 +02:00
Asger Feldthaus
14bada4bbe JS: Model consolidate and factor in template syntax from call site 2021-08-11 12:36:35 +02:00
Asger Feldthaus
425bd7abf9 JS: Model template instantiation from Fastify, Hapi, and Koa 2021-08-11 12:36:35 +02:00
Asger Feldthaus
266c10462e JS: More aggressive TemplateFileReference.getValue 2021-08-11 12:36:35 +02:00
Asger Feldthaus
bc73d9f431 JS: Support templates importing each other 2021-08-11 12:36:35 +02:00
Asger Feldthaus
bb80fdddbd JS: Handle leading ../ in template resolution 2021-08-11 12:36:35 +02:00
Asger Feldthaus
6954a9ac23 JS: Treat EJS-include calls as template instantiations 
JS: Fixup EJS include call (API node)
 2021-08-11 12:36:35 +02:00
Asger Feldthaus
248715c743 JS: Restrict FileAccessToHttp a bit 2021-08-11 12:36:35 +02:00
Asger Feldthaus
8a50d99f33 JS: Treat GeneratedCodeExpr as DirectEval in UnusedVariable.ql 2021-08-11 12:36:35 +02:00
Asger Feldthaus
623557ba39 JS: "this" in a template is not the global object 2021-08-11 12:36:35 +02:00
Asger Feldthaus
ee33c593e0 JS: Autoformat 2021-08-11 12:36:34 +02:00
Asger Feldthaus
0f27bffb05 JS: Add sinks for server-template tags in AngularJS templates 2021-08-11 12:36:34 +02:00
Asger Feldthaus
d6dbabf9e0 JS: Ignore empty char sequences 2021-08-11 12:36:34 +02:00
Asger Feldthaus
745f9b36e0 JS: Exclude non-code script tags 2021-08-11 12:36:34 +02:00
Asger Feldthaus
2412f530f9 JS: Add steps and sinks for pipes 2021-08-11 12:36:34 +02:00
Asger Feldthaus
23eeb49959 JS: Detect relevant templating syntax, and add sinks 2021-08-11 12:36:34 +02:00
Asger Feldthaus
f3b97f05c9 JS: Add steps to/from placeholder tags 2021-08-11 12:36:34 +02:00
Asger Feldthaus
f1c663b01b JS: Add steps from instantiation site to placeholder expr 2021-08-11 12:36:34 +02:00
Asger Feldthaus
5659a8a30f JS: Add template resolution logic 2021-08-11 12:36:34 +02:00
Asger Feldthaus
1474c0788b JS: Introduce TemplateInstantiation 2021-08-11 12:36:34 +02:00
Asger Feldthaus
8fe2d84d53 JS: Move template-related classes to Templating file 2021-08-11 12:36:34 +02:00
Asger Feldthaus
f26e94c0db JS: Rename to Angular-style template 2021-08-11 12:36:34 +02:00
Asger Feldthaus
66cec65bfb JS: Format HTMLExtractor 2021-08-11 12:36:34 +02:00
Asger Feldthaus
8666bc1894 JS: Extract placeholders in HTML 2021-08-11 12:36:31 +02:00
Erik Krogh Kristensen
01a202fa10 fix cfg and dataflow for logical compound assignments 2021-08-10 12:17:59 +02:00
Asger Feldthaus
b1ce3d1c5a JS: Do not extract binary HTML 2021-08-10 12:15:44 +02:00
Asger Feldthaus
96a2c3f2db JS: Extract .hbs and .ejs as HTML 2021-08-10 12:15:44 +02:00
Asger Feldthaus
e678c16d59 JS: Parse EJS-style template tags 2021-08-10 12:15:44 +02:00
Asger Feldthaus
a7cdf532fa JS: Parse mustache-style tags as expressions 2021-08-10 12:15:43 +02:00
Asger Feldthaus
d1c31db06f JS: Reset implicit variable scope when leaving template expr 2021-08-10 12:15:43 +02:00
Asger Feldthaus
d83f5a9cd7 JS: Update StringConcatenation tests after handling 0-arg join calls 2021-08-10 08:56:36 +02:00
Asger Feldthaus
a3e56dea5e JS: Factor out StringOps::substringMethodName 2021-08-10 08:55:04 +02:00
Asger Feldthaus
1074d409fb JS: Autoformat 2021-08-10 08:55:03 +02:00
Asger Feldthaus
6ef83f8015 JS: Change note 2021-08-10 08:55:03 +02:00
Asger Feldthaus
f1bcfa287b JS: Add more tests 2021-08-10 08:55:03 +02:00
Asger Feldthaus
4efea4316e JS: Use TaintedUrlSuffix flow label in jQuery xss 2021-08-10 08:55:03 +02:00
Asger Feldthaus
88500a3fa3 JS: Update TRAP test output 2021-08-09 11:19:08 +02:00
Asger Feldthaus
2836d465e4 JS: Update locations in Angular2 test 2021-08-09 11:03:15 +02:00
CodeQL CI
562ba49f4e Merge pull request #6406 from erik-krogh/cleanCfg 
Approved by asgerf
 2021-08-09 00:21:31 -07:00
Erik Krogh Kristensen
d3ea58002d fix a case in union where order wasn't necessarily preserved 2021-08-05 08:48:15 +02:00
Erik Krogh Kristensen
6ca53c8b25 a little more special casing in CFGExtractor union 2021-08-05 08:32:56 +02:00
Erik Krogh Kristensen
7e422a656a remove unused imports 2021-08-04 23:41:36 +02:00
Erik Krogh Kristensen
ff9943906d micro optimize the hot loops by adding special cases and removing streams 2021-08-04 23:35:58 +02:00
Asger Feldthaus
1b67b43b40 JS: Change note 2021-08-04 16:25:59 +02:00
Asger Feldthaus
00f4694616 JS: Recognize methods returning DOM objects 2021-08-04 16:25:56 +02:00
valeria-meli
0b5c8909dd tests 2021-08-03 18:00:49 -03:00
valeria-meli
595ea6c383 files for qhelp 2021-08-03 18:00:29 -03:00